Menu

I Know The Country, Town, and City You Are Connecting From (IP Geolocation)

Every browser leaves a log of their public IP address when it connects to any website – if it didn’t, the website would have no idea where to send the requested Web page. What many people do not realize is the tremendous amount that websites can learn about a visitor — instantly — just from their IP address. Remember: IP addresses are not handed out at random. They’re assigned in blocks and publicly registered to specific ISPs or other organizations (universities, governments, corporations, etc.) This IP address registration information is publicly accessible through ARIN and other registrars. WhatIsMyIPAddress.com” is great resource to begin to see what your IP address reveals.

Furthermore, IP addresses have often been put to use geographically over the years. Many independent firms have built up large databases linking countries, states, and cities to particular IP ranges. One method used to create IP-Geolocation databases is through online account registration. For example, when people provide their physical address to a website, the website can easily log their IP address at the time. Do this a few billion times across hundreds of millions of websites and you begin to get a fairly comprehensive association between a physical locations and an IP addresses.

Many IP-Geolocation services, such as MaxMind, are available that allow anyone to query an IP address and receive information about it in return — information such as the country, state/province, city, postal code, and telephone area code for the region, and even latitude and longitude. Many IPs also indicate if the network is a home, university, corporation, government, military, or other type of network.

So unless the browser or network the computer is connecting through is configured to use a proxy, the IP address will reveal a lot. And even if the browser is proxied, that can also be detected. Proxies are often located on well-known IP ranges, so although the website might not know the browser’s real IP address (and by extension the physical location of the computer), it will know that the browser is trying to hide.

Beyond that, as has beenrepeatedlydemonstrated, it is possible for http://maliciouswebsite/ to manipulate a browser and force it to send Internet traffic outside of proxy protection and in that way find its actual IP address. Usually these techniques work by forcing the browser to send non-Web traffic, or by having a Plug-in send traffic that does not utilize the browser proxy configuration.

While these techniques work, they are a little tricky to implement and require http://maliciouswebsite/ to set-up a traffic capturing system that’s a bit difficult. Fortunately — for the attackers, that is — there are far simpler ways websites can circumvent proxy protection to find the browser’s real location and the visitor’s identity. Yes, even when using something like Tor. I’ll explain how in later sections.

About Jeremiah Grossman

Jeremiah Grossman is the Founder and interim CEO of WhiteHat Security, where he is responsible for Web security R&D and industry outreach. Over the last decade, Jeremiah has written dozens of articles, white papers, and is a published author. His work has been featured in the Wall Street Journal, Forbes, NY Times and hundreds of other media outlets around the world.
As a well-known security expert and industry veteran, Jeremiah has been a guest speaker on six continents at hundreds of events including TED, BlackHat Briefings, RSA, SANS, and others. He has been invited to guest lecture at top universities such as UC Berkeley, Stanford, Harvard, UoW Madison, and UCLA. Jeremiah is also a co-founder of the Web Application Security Consortium (WASC) and previously named one of InfoWorld's Top 25 CTOs.
He serves on the advisory board of two hot start-ups, Risk I/O and SD Elements, and is a Brazilian Jiu-Jitsu Black Belt. Before founding WhiteHat, he was an information security officer at Yahoo! Jeremiah can be found on Twitter @jeremiahg.

Greetings! This is my first comment here so I just wanted to give a quick
shout out and tell you I truly enjoy reading your articles.
Can you recommend any other blogs/websites/forums that deal with the same subjects?
Thank you so much!

I’m extremely impressed with your writing abilities and also with the layout to your blog. Is this a paid topic or did you modify it yourself? Anyway stay up the nice quality writing, it’s rare to
look a great blog like this one today..

I really like your blog.. very nice colors & theme.
Did you create this website yourself or did you hire someone to do it for you?
Plz answer back as I’m looking to create my own blog and would like to know where u got this from. thanks

Good day! This is kind of off topic but I need some guidance from an established blog.
Is it difficult to set up your own blog? I’m not very techincal but I can figure things out pretty quick. I’m thinking about making my own but I’m not sure where to begin. Do you have any points or suggestions? Many thanks

Hey there just wanted to give you a quick heads up.
The words in your article seem to be running
off the screen in Ie. I’m not sure if this is a formatting issue or something to do with internet browser compatibility but I thought I’d post to
let you know. The design and style look great though!
Hope you get the issue solved soon. Many thanks

Do you mind if I quote a couple of your posts as long as I
provide credit and sources back to your site? My blog site is in the very same niche as
yours and my visitors would really benefit from some of the information you provide here.
Please let me know if this alright with you. Regards!

Magnificent goods from you, man. I’ve understand your stuff previous to and you are just too great. I really like what you have acquired here, really like what you are saying and the way in which you say it. You make it entertaining and you still take care of to keep it wise. I cant wait to read much more from you. This is really a wonderful site.

I am extremely impressed with your writing skills
and also with the structure on your weblog. Is this
a paid subject matter or did you modify it your self? Anyway keep up the excellent quality writing, it is uncommon to look
a nice weblog like this one today..

Its like you read my mind! You seem to know
so much about this, like you wrote the book in it or something.
I think that you can do with a few pics to drive the
message home a bit, but other than that, this is wonderful blog.
A fantastic read. I’ll definitely be back.